5185160e0df07fe44ce0658e235404a30e72daf7107c7bf5c49f76e03635fccb | Triage

Sharing

General

Target

ea846e3db0965460007dbb6d44766486_JaffaCakes118
Size

112KB
Sample

240919-d8dxxaygnh
MD5

ea846e3db0965460007dbb6d44766486
SHA1

4702c8ce8ab87311a2f8dd7aca7dc49a96cd64bf
SHA256

5185160e0df07fe44ce0658e235404a30e72daf7107c7bf5c49f76e03635fccb
SHA512

f05ce283ff9ec73f50ce4e882187d79002f7a0164227f5d854855ac6169bea8ead4a2fee8c796cf42d8f634ae9d0734ddfbcf2aa2f6beae2eb488b8d2206781f
SSDEEP

1536:xQHBkybTa+cGLB+6QsxN6JP6NG4cZy6+aof8F6OIJGfK9ZSkUR8mgPxeNrtthVsN:xQhkD+cma0Gpw65km6OIGamg52tjw

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea846e3db0965460007dbb6d44766486_JaffaCakes118
- Size
  
  112KB
- MD5
  
  ea846e3db0965460007dbb6d44766486
- SHA1
  
  4702c8ce8ab87311a2f8dd7aca7dc49a96cd64bf
- SHA256
  
  5185160e0df07fe44ce0658e235404a30e72daf7107c7bf5c49f76e03635fccb
- SHA512
  
  f05ce283ff9ec73f50ce4e882187d79002f7a0164227f5d854855ac6169bea8ead4a2fee8c796cf42d8f634ae9d0734ddfbcf2aa2f6beae2eb488b8d2206781f
- SSDEEP
  
  1536:xQHBkybTa+cGLB+6QsxN6JP6NG4cZy6+aof8F6OIJGfK9ZSkUR8mgPxeNrtthVsN:xQhkD+cma0Gpw65km6OIGamg52tjw
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence